- From: Daisuke Ajitomi <notifications@github.com>
- Date: Thu, 21 Jun 2018 01:14:27 -0700
- To: httpslocal/proposals <proposals@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 21 June 2018 08:15:01 UTC
@martinthomson Many thanks for your proposal. I'm not sure that I understood the proposal correctly, it is very interesting to me. I have some comments and questions below. > For this, HTTP Alternative Services can be used to provide an alternative route to the device that does not depend on the external server. It's interesting. I've never thought about such kind of solution before. > Extended Origins for Local Domains In the main proposal, do you assume that devices that have *.local (or *.home.arpa) domain names use self-signed certificates (or RPKs)? If it is true, I think the threat of MITM attack still remains. Is that right? > ACME Gateway for Development Is the idea available only for development? In other words, is there any possibility for browsers to provide local devices with ACME-server functionality (not only over loopback I/F, but also over wlan0, etc.). Of course, there are many things to care about but I'd like to know your opinion whether it is feasible or not. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpslocal/proposals/issues/1#issuecomment-399015891
Received on Thursday, 21 June 2018 08:15:01 UTC